Question

Locked

remote desktop from home pc to offcie 2003 servers

By lynchd ·
Hello,
I am trying to connect my XPP 64bit home machine through remote desktop to my servers, 2003 enterprise, at the office using the admin username and password for the servers & keep on receiving the following error mesage: "The local policy of this system does not allow you to log on interactively".
I can find nothing in GPO's or Local SecPol restricting me and I am able to conect from other machines, ie my mac book pro but I dont always have that here so need to enable this machine to do this.
Can anyone point me in the right direction to resolve this please?
Any help very much appreciated.
Kind regards, Damian.

This conversation is currently closed to new comments.

7 total posts (Page 1 of 1)  
| Thread display: Collapse - | Expand +

All Answers

Collapse -

by design

by computechdan In reply to remote desktop from home ...

it doesn't allow interactive logon via rdp to the console, without jumpin through a few hoops.

use another account from the administators group and u should be ok

let us know if u need more assistance

Collapse -

confused why only my machine though

by lynchd In reply to by design

I share the admin account with a couple of colleagues who access the servers no problem via rdp on their home machines.
Also I can access it via a mac book via rdp.
Would be really good just to get to the root cause rather than working round.
I'm sure otherwise this will rear its head again later and bite me.
many thanks, Damian.

Collapse -

prolly so, but not like u think

by computechdan In reply to confused why only my mach ...

it will likely bite u at some point, but much worse than u think.

it's good practice to disable or rename the administrator account, sometimes this is not practical as it has already been in use for some time.

in that case the next best option is to deny it the right to logon to any terminal server.

the reason for this is:

1. it's a known account so half the battle of hackin it is won before it starts

2. it's unlikely u have policy set to temporarly disable any account after a set number of logon failures

3. this exposes you to having the administrator account hacked by brute force or worse, if yer not using a secure type password a simple dictionary attack.

4. while yer at it disable and deny logon to any terminal server the microsoft support account that is created by default

Collapse -

point taken

by lynchd In reply to prolly so, but not like u ...

thank you.

Collapse -

yer welcome

by computechdan In reply to point taken

don't forget to MARK as helpfull any post that u find usefull so as to help others

Collapse -

A bit more information

by Jacky Howe In reply to remote desktop from home ...

local security policy prevents you from logging in interactively

http://support.microsoft.com/?kbid=276590

Back to Networks Forum
7 total posts (Page 1 of 1)  

Related Discussions

Related Forums